Deploy the CyberArk Identity Connector
This section describes how to deploy and manage the CyberArk Identity Connector.
The CyberArk Identity Connector is a multipurpose service that provides support for key features and enables secure communication between other services on your internal network or a cloud instance. Not all services require a connector, however. For example, if all users are CyberArk Cloud Directory user accounts, the connector isn’t required.
You must have at least one connector for the following use cases.
Use Active Directory or LDAP as a directory service
This topic describes how to install the CyberArk Identity Connector to integrate your Active Directory/LDAP service with CyberArk Identity. The CyberArk Identity Connector adds AD as a directory service by enabling secure communication between CyberArk Identity and your AD domain.
The CyberArk Identity Connector is installed on your network inside the firewall, runs on domain-joined Windows server, and monitors AD for changes to users and groups.
Manage application access with App Gateway
With App Gateway, you can configure on-premise applications for off-site access without requiring a VPN connection.
For more information, see App Gateway.
Enforce MFA on VPN clients that support RADIUS
Configure the connector as a RADIUS server to enforce MFA on RADIUS clients.
Refer to MFA for VPNs and VDIs for more information.
In this section: